The Relationship Between Automation Complexity and Operator Error

Similar documents
Inherently Safer Design Analysis Approaches

SAFETY SEMINAR Rio de Janeiro, Brazil - August 3-7, Authors: Francisco Carlos da Costa Barros Edson Romano Marins

Basic STPA Exercises. Dr. John Thomas

Proposed Abstract for the 2011 Texas A&M Instrumentation Symposium for the Process Industries

Identification and Screening of Scenarios for LOPA. Ken First Dow Chemical Company Midland, MI

Absorption - The process of contacting a vapor and gas stream with an absorbing liquid to remove specific materials from the gas stream.

Every things under control High-Integrity Pressure Protection System (HIPPS)

Using LOPA for Other Applications

Delayed Coker Automation & Interlocks

Inerted Vessels: Preventing Hazards Caused by Gas Buoyancy

General Duty Clause. Section 112(r)(1) of CAA. Chris Rascher, EPA Region 1

Relief Systems. 11/6/ Fall

Safety in Petroleum Industry

THE BAKER REPORT HOW FINDINGS HAVE BEEN USED BY JOHNSON MATTHEY TO REVIEW THEIR MANUFACTURING OPERATIONS

Process Safety Management Of Highly Hazardous Chemicals OSHA 29 CFR

Impact on People. A minor injury with no permanent health damage

Systems Theoretic Process Analysis (STPA)

Learning from Dangerous Occurrences in the Chemical Industries

OPERATING PROCEDURES

Transient Analyses In Relief Systems

Expert System for LOPA - Incident Scenario Development -

REPEATED ACCIDENT CAUSES CAN WE LEARN?

Understanding IPL Boundaries

Lessons Learned from the Texas City Refinery Explosion Mike Broadribb

PSM/RMP WEBINAR SERIES

Drain Splash Back Burns Operator

SAFETY PLAN REVIEW. FirstElement Safety Plan Review Submission for the California Energy Commission General Funding Opportunity GFO

Engineering Safety into the Design

Improving Accuracy of Frequency Estimation of Major Vapor Cloud Explosions for Evaluating Control Room Location through Quantitative Risk Assessment

SAFETY TRAINING LEAFLET 06 CARBON DIOXIDE

FUNCTIONAL SAFETY: SIL DETERMINATION AND BEYOND A CASE STUDY FROM A CHEMICAL MANUFACTURING SITE

I. CHEM. E. SYMPOSIUM SERIES NO. 85 MULTI-STAGE OVER PRESSURE PROTECTION AND PRODUCT CONTAINMENT ON HIGH PRESSURE POLYMERISATION REACTORS

PART 1.2 HARDWARE SYSTEM. Dr. AA, Process Control & Safety

Safety Engineering - Hazard Identification Techniques - M. Jahoda

Process Safety Value and Learnings Central Valley Chemical Safety Day March 20, 2014

Control Performance: An Imperative for Safety

API th Edition Ballot Item 7.8 Work Item 4 Gas Breakthrough

Are We Doing It Wrong? Jim McGlone, MBA, GICSP CMO, Kenexis

PSM TRAINING COURSES. Courses can be conducted in multi-languages

HUMAN FACTORS CHECKLIST

CHAPTER 7: THE FEEDBACK LOOP

Title: Pressure Relieving and Venting Devices Function: Ecology & Safety No.: BC Page: 1 of 7 Reviewed: 6/30/12 Effective: 7/1/12 (Rev.

Systems Theoretic Process Analysis (STPA)

VALIDATE LOPA ASSUMPTIONS WITH DATA FROM YOUR OWN PROCESS

Implementing IEC Standards for Safety Instrumented Systems

MAHB. INSPECTION Process Hazard Analysis

Are Your Credits Worthy?

Focus on VOC Emissions Reduction Using an Oxygen Based Inerting Control System For Inert Gas Blanketing of Chemical Process Vessels

National Safety Council 94 th Annual Congress and Expo. Commitment to a Proactive Safety Culture: Abnormal Situation Recognition and Management

The Risk of LOPA and SIL Classification in the process industry

Risk Analysis and Hazard Reduction Report V1.0

Advanced LOPA Topics

SIL Allocation. - Deterministic vs. risk-based approach - Layer Of Protection Analysis (LOPA) overview

Safe Work Practices and Permit-to-Work System

RELIEF VALVES IN PARALLEL

IMPERIAL CHEMICAL INDUSTRIES LIMITED PETROCHEMICALS DIVISION. SAFETY NEWSLETTER No 66

innova-ve entrepreneurial global 1

INHERENTLY SAFER DESIGN CASE STUDY OF RAPID BLOW DOWN ON OFFSHORE PLATFORM

Knowledge, Certification, Networking

AUSTRALIA ARGENTINA CANADA EGYPT NORTH SEA U.S. CENTRAL U.S. GULF. SEMS HAZARD ANALYSIS TRAINING September 29, 2011

Steam System Best Practices 14 Best Practices for Guide Lines for Boiler Plant Log Books

GUIDELINES FOR CONDUCTING HYDROGENATION REACTIONS

Characterizers for control loops

Longford Royal Commission into the Explosion and Fire on 25 September 1998 at the Esso Gas Processing Plant

USING HAZOP TO IDENTIFY AND MINIMISE HUMAN ERRORS IN OPERATING PROCESS PLANT

"Although a good start with a good project, others are as much a hostage of the "human factor".

ISOPA PRODUCT STEWARDSHIP PROGRAMMES. Walk the Talk. Methylene Chloride

Dow s New Practice for Locating Temporary Portable Buildings. P. Partridge 9/29/05 UNRESTRICTED - May be shared with anyone Slide 1

Training Fees 3,400 US$ per participant for Public Training includes Materials/Handouts, tea/coffee breaks, refreshments & Buffet Lunch.

RICK FAUSEL, BUSINESS DEVELOPMENT ENGINEER TURBOMACHINERY CONTROL SYSTEM DESIGN OBJECTIVES

Requirements for Reduced Supervision of Power Plants, Thermal Liquid Heating Systems, and Heating Plants

A large Layer of Protection Analysis for a Gas terminal scenarios/ cause consequence pairs

Session One: A Practical Approach to Managing Safety Critical Equipment and Systems in Process Plants

Knowledge, Certification, Networking. SAFETY IN PROCESS EQUIPMENT DESIGN INHERENT SAFER DESIGN CPE I FUNDAMENTALS TABLE OF CONTENT

QUANTIFYING THE TOLERABILITY OF POTENTIAL IGNITION SOURCES FROM UNCERTIFIED MECHANICAL EQUIPMENT INSTALLED IN HAZARDOUS AREAS

Physical explosion analysis in heat exchanger network design

Process Safety Journey

Pressure Relief Device Investigation Testing Lessons Learned

American Chemical Society (ACS) 246th ACS National Meeting Indianapolis, Indiana September 9, 2013

Section 1. Registration Information

FUNDAMENTAL SAFETY OVERVIEW VOLUME 2: DESIGN AND SAFETY CHAPTER F: CONTAINMENT AND SAFEGUARD SYSTEMS 7. CONTAINMENT HEAT REMOVAL SYSTEM (EVU [CHRS])

User Manual. Version: 1.1 Revision Date: 13 September 2018 Document Owner: Louisa Nara, CCPS Global Technical Director

Fires and Explosions: What You Need to Know to Prevent Them

Hazard Identification

Introduction to Emergency Response & Contingency Planning

Relief System Sizing for Runaway Chemical Reactions: A Simple Comprehensive Approach

Incorrect Relief Valve Material Causes Release

Confined Space Entry. My Experience so far.

Knowledge, Certification, Networking. Hazard and Operability Study HAZOP. Certified Practicing Safety Professional CPSP Training Module

Major Hazard Facilities. Hazard Identification

API Standard Venting Atmospheric and Low-Pressure Storage Tanks: Nonrefrigerated and Refrigerated

Hazardous material transport accidents: analysis of the D.G.A.I.S. database

Reliability of Safety-Critical Systems Chapter 4. Testing and Maintenance

Introduction to HAZOP Study. Dr. AA Process Control and Safety Group

International Process Safety Workshop Essar Steel, Surat 29 th 30 th November Explosion in 1 st Ammonia Scrubber

PREDICTING HEALTH OF FINAL CONTROL ELEMENT OF SAFETY INSTRUMENTED SYSTEM BY DIGITAL VALVE CONTROLLER

FIRE AND EXPLOSION HAZARDS WITH THERMAL FLUID SYSTEMS

Thank You for Attending Today s Webinar. Today s Featured Speaker

CASE STUDY. Compressed Air Control System. Industry. Application. Background. Challenge. Results. Automotive Assembly

Basic STPA Tutorial. John Thomas

Transcription:

The Relationship Between Automation Complexity and Operator Error presented by Russell Ogle, Ph.D., P.E., CSP rogle@exponent.com (630) 274-3215

Chemical Plant Control Control physical and chemical processes to maintain desired conditions Control agents Plant operator Basic process control system Greater automation does not necessarily reduce opportunity for operator error

-N. Leveson, A New Accident Model For Engineering Safer Systems, Safety Science, 42: 237-270 (2004) Automated Process Control

Reliance on Operators Operator often relied on as primary line of defense Operator intervention not always successful Accident investigation must distinguish between: Operator error System deficiency

Chemical Process Accident Normal operation Abnormal conditions Disturbance grows Containment strength exceeded Hazardous release Disturbance Operator intervention Protective systems Process equipment and control systems Procedures, training and supervision Safety instrumented systems and engineering controls

Human Error Taxonomy -Adapted from James Reason (1990) appearing in CCPS, Guidelines for Investigating Chemical Process Incidents, Second Edition. AIChE, NY (2003)

Case Study Analysis Layer of protection analysis Automation complexity Origin of operator error

Layer of Protection Analysis Independent Protection Layers (IPL): 1. Basic process design 2. Basic process control system 3. Critical alarms and operator intervention 4. Safety instrumented systems 5. Physical 1 & 2 are protection not counted devices as IPL s 6. Post-release physical protection 7. Plant emergency response 8. Community Emergency response Accident Investigation Focuses on 3, 4 & 5

Automation Complexity Low Complexity Operator is interacting with single control loop Prone to single event failures High Complexity Operator is interacting with multiple control loops Prone to multiple event failures

Operator Error Operator error defined as deviation from a desired outcome (Reason, 1990) Challenge to operator: Identify Diagnose Correct disturbance Case studies suggest that the nature of the error is a function of complexity

Case Study Background Six case studies involving operator error High and low levels of automation complexity Impact Six Fatalities Thirty Injuries >$300,000,000 property damage

Case Studies Table 1. Summary of case studies. CASE STUDY AUTOMATION COMPLEXITY AUTOMATION TECHNOLOGY Case 1 Low Local analog controller Case 2 Low Manual operation and SCADA/PLC Case 3 Low Manual operation Case 4 High DCS and SCADA/PLC SAFETY INSTRUMENTED SYSTEM No No No Inadequate OPERATOR ERROR Incorrect setpoint Wrong order of reactant addition Limiting reactant omitted Failure to detect abnormal condition Case 5 High SCADA/PLC Defeated Failure to detect abnormal condition Case 6 High DCS and SCADA/PLC Defeated Wrong control action OPERATOR RESPONSE TIME 1-2 minutes 1-2 minutes 1-2 minutes 6 hours 4 hours 30 minutes

Case Study 1 Batch Process Oven - Low Automation Complexity Parts curing operation Evaporate naphtha solvent Temperature control via circular recorder controller Temperature program via plastic cam Temperature ramp Positive ventilation Operator Deviation Explosion

Wrong Temperature Cam

Incorrectly Pre-Heated Oven Pre-Heat T T from Normal

Case Study 3 Hydrogenation Rxn - Low Automation Complexity Liquid + Catalyst + H 2 + Heat Add H 2 based on pressure Forgot to add unsaturated organic feed Manual push-button control, no interlocks Heated vessel, but H 2 not absorbed H 2 vented through relief system Overhead vapor cloud explosion

Pressure Trend Normal Operation Pressure Reaction Reaction with Hydrogen Makeup Blowdown Addition Time

Pressure Trend Deviation from Normal Pressure Rupture disc Deviation: vents reactor No Reaction Time

Case Study 4 Polymerization Rxn - High Automation Complexity Alternating batch reactors for VCM Intermediate wash/rinse cycles Installation of new Degas Tank Process interruption leads to condensed VCM in reactor Condensed VCM dumped to atmospheric vessel Atmospheric vessel rupture, vapor cloud explosion

Condensed VCM Trapped Rinse Liquid VCM

Ruptured Storage Tank

Case Study 6 Mineral Processing - High Automation Complexity Flash tank section of extraction process Electrical power outage Operator chose an uncontrolled blow- down Low MAWP vessels P transmitter ranges exceeded High rate of flashing flow; Low MAWP vessels and high P piping explode

Process Controllers

Explosion Damage

Layer of Protection Analysis Process Hazard Analysis Hazard Safeguard (layer of protection) Allocation of Safeguard Function Operator Intervention Safety Instrumented System Active Safety Device Passive Safety Device

Operator Intervention Routine Operations Process Upsets Startup Shutdown Emergency Operations Emergency Shutdown What are the operating limits? Consequences of a deviation? Steps required to correct or avoid a deviation?

Another Definition of Human Error Any significant deviation from a previously established, required or expected standard of human performance. -Dan Petersen, Human Error Reduction and Safety Management, Third Edition (1996)

What Causes Operator Error? Less than adequate... Procedures Training Supervision Communications Human Engineering Work Direction Management System

Conclusions Question the effectiveness of operator intervention Consider SIS for high hazard emergency shutdowns Low automation complexity processes are prone to single event failures fast to develop High automation complexity processes are prone to multiple event failures slow to develop

2024 © sportdocbox.com Privacy Policy | Terms of Service | Feedback